From: Robert Scheck Date: Tue, 14 Feb 2017 20:47:25 +0000 (+0100) Subject: Handle negative reply for NNTP STARTTLS in s_client X-Git-Tag: OpenSSL_1_1_1-pre1~2385 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=af7e05c7c60b87723efccc01f6d03ebc07cdd93c;p=openssl Handle negative reply for NNTP STARTTLS in s_client Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2629) --- diff --git a/apps/s_client.c b/apps/s_client.c index 6d960128f5..2db985daf3 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2218,7 +2218,16 @@ int s_client_main(int argc, char **argv) "Didn't find STARTTLS in server response," " trying anyway...\n"); BIO_printf(sbio, "STARTTLS\r\n"); - BIO_read(sbio, sbuf, BUFSIZZ); + mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); + if (mbuf_len < 0) { + BIO_printf(bio_err, "BIO_read failed\n"); + goto end; + } + mbuf[mbuf_len] = '\0'; + if (strstr(mbuf, "382") == NULL) { + BIO_printf(bio_err, "STARTTLS failed: %s", mbuf); + goto shut; + } } break; case PROTO_SIEVE: @@ -2252,15 +2261,16 @@ int s_client_main(int argc, char **argv) if (mbuf_len < 0) { BIO_printf(bio_err, "BIO_read failed\n"); goto end; - } else if (mbuf_len < 2) { - BIO_printf(bio_err, "Server does not support STARTTLS.\n"); + } + mbuf[mbuf_len] = '\0'; + if (mbuf_len < 2) { + BIO_printf(bio_err, "STARTTLS failed: %s", mbuf); goto shut; } /* * According to RFC 5804 § 2.2, response codes are case- * insensitive, make it uppercase but preserve the response. */ - mbuf[mbuf_len] = '\0'; strncpy(sbuf, mbuf, 2); make_uppercase(sbuf); if (strncmp(sbuf, "OK", 2) != 0) {